Biometric Authentication: Will We Ever Get Rid of the Password?

Financial Institutions

May 01, 2016
by Joel Lego

Bookmark and Share
Joel Lego Joel Lego
Manager, IT Examinations

View Profile

One of the biggest challenges for financial institutions today is protecting access to customer information.  How can you be sure the person logging into a customer’s Internet banking application is who they claim to be? Since the inception of authentication, we have almost exclusively relied on passwords for authentication.  But the FFIEC’s Authentication in an Internet Banking Environment states that passwords, at least alone, are not good enough.  The guidance introduces requirements for dual or multifactor authentication.  While proving an added layer of security, the extra factors tend to be some other question or the use of a token.  This becomes cumbersome for the user, struggling to remember yet another password and then maintaining possession of a token or having to either look up or log into yet another location (with another password) to obtain the answer to some out-of-wallet question.  Now, thanks to some technology improvements and perhaps the necessity of a more convenient process, biometric authentication is beginning to see more widespread use.

Average Rating:

Length: 2 pages (PDF 53 kB)

Rate this Article
*  =  required fields
Your Rating*
E-mail Address*